CN105210077B - Information processing apparatus and information processing method - Google Patents

Information processing apparatus and information processing method

Info

Publication number
CN105210077B
Authority
CN
China
Prior art keywords
built
function
data
program
daily record
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201480028447.8A
Other languages
English (en)
Chinese (zh)
Other versions
CN105210077A (zh)
Inventor
川古谷裕平
岩村诚
针生刚男
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nippon Telegraph and Telephone Corp
Original Assignee
Nippon Telegraph and Telephone Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nippon Telegraph and Telephone Corp
Publication of CN105210077A
Application granted
Publication of CN105210077B
Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566 Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45545 Guest-host, i.e. hypervisor is an application program itself, e.g. VirtualBox
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101 Auditing as a secondary aspect

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Debugging And Monitoring (AREA)
CN201480028447.8A 2013-05-16 2014-03-27 Information processing apparatus and information processing method Active CN105210077B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
JP2013-104481 2013-05-16
JP2013104481 2013-05-16
PCT/JP2014/058952 WO2014185165A1 (ja) 2013-05-16 2014-03-27 Information processing apparatus and information processing method

Publications (2)

Publication Number Publication Date
CN105210077A (zh) 2015-12-30
CN105210077B (zh) 2018-04-13

Family

ID=51898149

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201480028447.8A Active CN105210077B (zh) 2013-05-16 2014-03-27 Information processing apparatus and information processing method

Country Status (5)

Country Link
US (1) US10129275B2 (ja)
EP (1) EP2988242B1 (ja)
JP (1) JP6023317B2 (ja)
CN (1) CN105210077B (ja)
WO (1) WO2014185165A1 (ja)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10097567B2 (en) * 2013-05-20 2018-10-09 Nippon Telegraph And Telephone Corporation Information processing apparatus and identifying method
JP6677677B2 (ja) * 2017-06-21 2020-04-08 Toshiba Corporation Information processing apparatus, information processing system, information processing method, and program
US11016874B2 (en) * 2018-09-19 2021-05-25 International Business Machines Corporation Updating taint tags based on runtime behavior profiles
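JP6899972B2 (ja) * 2018-11-16 2021-07-07 Mitsubishi Electric Corporation Information processing apparatus, information processing method, and information processing program
JP7501782B2 (ja) 2021-03-16 2024-06-18 Nippon Telegraph and Telephone Corporation Activity trace extraction device, activity trace extraction method, and activity trace extraction program
WO2023067801A1 (ja) * 2021-10-22 2023-04-27 NEC Corporation Data processing device, data processing method, and recording medium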

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
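CN102054149A (zh) * 2009-11-06 2011-05-11 Graduate University of Chinese Academy of Sciences Method for extracting behavioral features of malicious code
CN102521543A (zh) * 2011-12-23 2012-06-27 National University of Defense Technology of the Chinese People's Liberation Army Method for message semantic parsing based on dynamic taint analysis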

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090328218A1 (en) * 2006-08-28 2009-12-31 Mitsubishi Electric Corporation Data processing system, data processing method, and program
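JP4755658B2 (ja) 2008-01-30 2011-08-24 Nippon Telegraph and Telephone Corporation Analysis system, analysis method, and analysis program
JP5459313B2 (ja) * 2009-05-20 2014-04-02 NEC Corporation Dynamic data flow tracking method, dynamic data flow tracking program, and dynamic data flow tracking device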
US8893280B2 (en) * 2009-12-15 2014-11-18 Intel Corporation Sensitive data tracking using dynamic taint analysis
US8769516B2 (en) 2010-08-19 2014-07-01 International Business Machines Corporation Systems and methods for automated support for repairing input model errors
US8739280B2 (en) 2011-09-29 2014-05-27 Hewlett-Packard Development Company, L.P. Context-sensitive taint analysis
US9519781B2 (en) * 2011-11-03 2016-12-13 Cyphort Inc. Systems and methods for virtualization and emulation assisted malware detection


Also Published As

Publication number Publication date
US20160088007A1 (en) 2016-03-24
EP2988242A1 (en) 2016-02-24
JPWO2014185165A1 (ja) 2017-02-23
EP2988242B1 (en) 2019-02-27
US10129275B2 (en) 2018-11-13
WO2014185165A1 (ja) 2014-11-20
JP6023317B2 (ja) 2016-11-09
CN105210077A (zh) 2015-12-30
EP2988242A4 (en) 2016-11-23

Similar Documents

Publication Publication Date Title
CN105210077B (zh) Information processing apparatus and information processing method
US9594754B2 (en) Purity analysis using white list/black list analysis
US8752021B2 (en) Input vector analysis for memoization estimation
US8826254B2 (en) Memoizing with read only side effects
US8839204B2 (en) Determination of function purity for memoization
US8694574B2 (en) Optimized settings in a configuration database with boundaries
US11868468B2 (en) Discrete processor feature behavior collection
US20130074057A1 (en) Selecting Functions for Memoization Analysis
US20130073829A1 (en) Memory Usage Configuration Based on Observations
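CN110741354A (zh) Presenting differences between code entity invocations
CN101458754B (zh) Method and device for monitoring application behavior
US20150066869A1 (en) Module Database with Tracing Options
CN101645119A (zh) Method and system for automatic malicious code analysis based on a virtual hardware environment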
US12093398B2 (en) Vulnerability analysis and reporting for embedded systems
US8499197B2 (en) Description language for identifying performance issues in event traces
CN101183414A (zh) Program detection method and device, and program analysis method
US10241785B2 (en) Determination of production vs. development uses from tracer data
US20160092313A1 (en) Application Copy Counting Using Snapshot Backups For Licensing
US8468394B2 (en) Method of tracing selected activities within a data processing system by tagging selected items and tracing the tagged items
US20220012345A1 (en) History output apparatus, control method, and program
KR102202923B1 (ko) Module-specific tracing technique in a shared module environment
Ma Effective and Efficient Computation System Provenance Tracking
CN117519893A (zh) Method for tracing and forensic collection of malicious behavior in cloud virtual machine memory
US20180196735A1 (en) Automatic instrumentation of code
CN102479147A (zh) Method and system for intercepting port data in the WinNT operating system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant